Security Engineer II, Infrastructure Security Compliance
DESCRIPTION
AWS Infrastructure Services owns the design, planning, delivery, and operation of all AWS global infrastructure. In other words, we’re the people who keep the cloud running. We support all AWS data centers and all of the servers, storage, networking, power, and cooling equipment that ensure our customers have continual access to the innovation they rely on. We work on the most challenging problems, with thousands of variables impacting the supply chain — and we’re looking for talented people who want to help.
You’ll join a diverse team of with software, systems and network engineers to develop software defined solutions to increase security while reducing complexity. And you’ll experience an inclusive culture that welcomes bold ideas and empowers you to own them to completion.
The Infrastructure Identity Security Team is responsible for the security and risk management of the AWS Network Infrastructure. We build systems that detect, assess, and mitigate risk across the global infrastructure and are accountable for keeping the Amazon Infrastructure secure and compliant with customer requirements.
The Infrastructure Identity Team is looking for a Security Engineer to join our dynamic, outcome-driven team. The successful candidate is an owner who can deliver through high performing, diverse teams and who understands all parts of security, software development, deployment, and operations. A successful candidate must be one that can make risk-based assessments founded on data and facts. The right candidate must think like both an attacker and defender, and drive teams to take actions and mitigate risk. We are seeking engineers, with subject matter expertise in network security and software systems, specifically with access controls in large, segmented networks. We value broad technical knowledge, specifically in the fields of networking, network security, software security, security operations and incident response. We’re looking for leaders who can lead through challenges and seek to shed light on ambiguity. If that is you, Amazon is the place to be as we solve hard problems, make history, and have fun.
Key job responsibilities
You will aid in the development, assessment, and analysis of security outcomes for AWS Infrastructure Identity Team.
As a member of the AWS Infrastructure Identity organization, you are expected to be the security subject matter expert supporting the devleopment teams.
Identify and drive mitigation of security risks through formal, deep dive assessment activities
Lead in the identification and application of remediation and mitigation techniques, including the development of monitoring and reporting capabilities.
Additionally
• Shape the future in network security through automation
• Continuously assess the effectiveness of network security controls and processes
• Work alongside software engineers to deliver best in class tools for Identity customers
• Codify intentions that define security of traffic flows and maintain them through assessments
• Deliver empirical solutions for programs which cross organizational boundaries
• Research and recommend optimizations of new and existing network security architecture
• Work alongside with software engineers on the design and requirements of security software
• Identify network security risks and participate in resolution
• Create documentation for operational procedures and user education
• Mentor junior staff and participate in interviewing as the subject matter expert on network security
A day in the life
You will assess and document network security risks and help developers build tools that will make you more efficient. You will have the freedom to prioritize as needed to balance your personal life, professional growth, key stakeholders, your teammates, and the delivery of your assigned projects. You will help set the security bar and drive the team towards high standards and best practices. Your leadership team and peers will support your ideas and provide opportunities to give and receive feedback freely.
About the team
ABOUT AWS:
Diverse Experiences
Amazon values diverse experiences. Even if you do not meet all of the preferred qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.
Inclusive Team Culture
Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.
Mentorship and Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
BASIC QUALIFICATIONS
- 4+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- Bachelor's degree in computer science or equivalent
- Knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits or equivalent
- A strong understanding of core internet and networking technologies (routing protocols, network architecture, TCP/IP, etc.)
- Excellent communication and data presentation skills that allow you to clearly, compellingly, and effectively influence audiences internally and externally, across organizational boundaries
PREFERRED QUALIFICATIONS
- CCSP (Certified Cloud Security Professional) or CEH (Certified Ethical Hacker) or CFR (CyberSec First Responder) or Cloud+ or CySA+ (CompTIA Cybersecurity Analyst) or GCED (GIAC Certified Enterprise Defender) or GICSP (Global Industrial Cyber Security Professional) or PenTest+
- Experience performing risk assessments of vulnerabilities and evaluating mitigating controls in large, complex networks
- Linux systems engineering skills and a solid grasp on operating system fundamentals
- Knowledge of at least one scripting language (Python, Perl, Ruby, etc.)
Amazon is committed to a diverse and inclusive workplace. Amazon is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. For individuals with disabilities who would like to request an accommodation, please visit https://www.amazon.jobs/en/disability/us.
Our compensation reflects the cost of labor across several US geographic markets. The base pay for this position ranges from $136,000/year in our lowest geographic market up to $212,800/year in our highest geographic market. Pay is based on a number of factors including market location and may vary depending on job-related knowledge, skills, and experience. Amazon is a total compensation company. Dependent on the position offered, equity, sign-on payments, and other forms of compensation may be provided as part of a total compensation package, in addition to a full range of medical, financial, and/or other benefits. For more information, please visit https://www.aboutamazon.com/workplace/employee-benefits. This position will remain posted until filled. Applicants should apply via our internal or external career site.